User Guide
Page 14
... Contents 8.1.1 What You Can Do in this Chapter 133 8.1.2 What You Need To Know 133 8.2 The Port Forwarding Screen 134 8.2.1 Add/Edit Port Forwarding 136 8.3 The Applications Screen ...137 8.3.1 Add New Application 138 8.4 The Port Triggering Screen 139 8.4.1 Add/Edit Port Triggering Rule 141 8.5 The DMZ Screen ...143 8.6 The ALG Screen ...144 8.7 The Sessions Screen ...144... 163 Chapter 12 Certificates ...165 12.1 Overview ...165 12.1.1 What You Can Do in this Chapter 165 12.2 What You Need to Know 165 14 P-660HN-51 User's Guide
... Contents 8.1.1 What You Can Do in this Chapter 133 8.1.2 What You Need To Know 133 8.2 The Port Forwarding Screen 134 8.2.1 Add/Edit Port Forwarding 136 8.3 The Applications Screen ...137 8.3.1 Add New Application 138 8.4 The Port Triggering Screen 139 8.4.1 Add/Edit Port Triggering Rule 141 8.5 The DMZ Screen ...143 8.6 The ALG Screen ...144 8.7 The Sessions Screen ...144... 163 Chapter 12 Certificates ...165 12.1 Overview ...165 12.1.1 What You Can Do in this Chapter 165 12.2 What You Need to Know 165 14 P-660HN-51 User's Guide
User Guide
Page 31
...660HN-51 User's Guide 31 WDS Use this screen to set up Wireless Distribution System (WDS) links to other advanced properties. Sessions Use this screen to make your WPS (Wi-Fi Protected Setup) settings. NAT Port Forwarding Use this screen to limit the number of certain SSIDs and MAC addresses to the ZyXEL Device. Port... directions for network services. MAC Use this screen to block or allow wireless traffic from ports that are not specified in the Port Forwarding screen. Settings Use this screen to add and configure IPSec tunnels. Firewall General Use this...
...660HN-51 User's Guide 31 WDS Use this screen to set up Wireless Distribution System (WDS) links to other advanced properties. Sessions Use this screen to make your WPS (Wi-Fi Protected Setup) settings. NAT Port Forwarding Use this screen to limit the number of certain SSIDs and MAC addresses to the ZyXEL Device. Port... directions for network services. MAC Use this screen to block or allow wireless traffic from ports that are not specified in the Port Forwarding screen. Settings Use this screen to add and configure IPSec tunnels. Firewall General Use this...
User Guide
Page 32
... without turning the power off. 32 P-660HN-51 User's Guide You can also configure the QoS rules and actions. Reboot Reboot Use this screen to view the status of all network traffic going through the WAN port of the ZyXEL Device. DNS Setting DNS Entry Use this screen to configure .... System Monitor ARP Table ARP Table Use this screen to configure policy routing on the ZyXEL Device. You can export or e-mail the logs. Policy Forwarding Policy Forwarding Use this screen to view the ARP table. Dynamic DNS Use this screen to select which logs and/or immediate alerts your ...
... without turning the power off. 32 P-660HN-51 User's Guide You can also configure the QoS rules and actions. Reboot Reboot Use this screen to view the status of all network traffic going through the WAN port of the ZyXEL Device. DNS Setting DNS Entry Use this screen to configure .... System Monitor ARP Table ARP Table Use this screen to configure policy routing on the ZyXEL Device. You can export or e-mail the logs. Policy Forwarding Policy Forwarding Use this screen to view the ARP table. Dynamic DNS Use this screen to select which logs and/or immediate alerts your ...
User Guide
Page 133
...page 134). • Use the Applications screen to forward incoming service requests to the server(s) on your local network (Section 8.3 on page 137). • Use the Port Triggering screen to add and configure the ZyXEL Device's trigger port settings (Section 8.4 on page 139). • Use... Need To Know Inside/Outside Inside/outside hosts. NAT (Network Address Translation - P-660HN-51 User's Guide 133 CHAPTER 8 Network Address Translation (NAT) 8.1 Overview This chapter discusses how to configure NAT on the Internet are the inside hosts, while the web servers on the ZyXEL Device.
...page 134). • Use the Applications screen to forward incoming service requests to the server(s) on your local network (Section 8.3 on page 137). • Use the Port Triggering screen to add and configure the ZyXEL Device's trigger port settings (Section 8.4 on page 139). • Use... Need To Know Inside/Outside Inside/outside hosts. NAT (Network Address Translation - P-660HN-51 User's Guide 133 CHAPTER 8 Network Address Translation (NAT) 8.1 Overview This chapter discusses how to configure NAT on the Internet are the inside hosts, while the web servers on the ZyXEL Device.
User Guide
Page 134
... NAT. 8.2 The Port Forwarding Screen Use the Port Forwarding screen to forward incoming service requests to the server(s) on page 145 for further information about port numbers. 134 P-660HN-51 User's Guide You may enter a single port number or a range of port numbers to specify a range of port numbers. You can ...address of a host in a packet as the packet traverses a router, for example, web or FTP, that corresponds to a port or a range of ports. Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, the local address refers to the IP ...
... NAT. 8.2 The Port Forwarding Screen Use the Port Forwarding screen to forward incoming service requests to the server(s) on page 145 for further information about port numbers. 134 P-660HN-51 User's Guide You may enter a single port number or a range of port numbers to specify a range of port numbers. You can ...address of a host in a packet as the packet traverses a router, for example, web or FTP, that corresponds to a port or a range of ports. Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, the local address refers to the IP ...
User Guide
Page 135
...open the following screen. The NAT network appears as a Web or FTP server) from your location. Figure 43 Network Settings > NAT > Port Forwarding P-660HN-51 User's Guide 135 See Appendix E on the Internet. Chapter 8 Network Address Translation (NAT) Note: Many residential broadband ISP accounts do ...active services at your ISP. Your ISP may periodically check for particular services. Configuring Servers Behind Port Forwarding (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example).
...open the following screen. The NAT network appears as a Web or FTP server) from your location. Figure 43 Network Settings > NAT > Port Forwarding P-660HN-51 User's Guide 135 See Appendix E on the Internet. Chapter 8 Network Address Translation (NAT) Note: Many residential broadband ISP accounts do ...active services at your ISP. Your ISP may periodically check for particular services. Configuring Servers Behind Port Forwarding (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example).
User Guide
Page 136
... the fields in this rule is active. This is forwarded. This shows the WAN interface through which the service is the index number of the entry. Figure 44 Port Forwarding: Add/Edit 136 P-660HN-51 User's Guide Chapter 8 Network Address Translation (NAT) The... following screen. Table 27 Network Settings > NAT > Port Forwarding LABEL Add new rule # Status Service Name WAN Interface External Start Port External End Port Internal Start Port Internal End Port Server IP...
... the fields in this rule is active. This is forwarded. This shows the WAN interface through which the service is the index number of the entry. Figure 44 Port Forwarding: Add/Edit 136 P-660HN-51 User's Guide Chapter 8 Network Address Translation (NAT) The... following screen. Table 27 Network Settings > NAT > Port Forwarding LABEL Add new rule # Status Service Name WAN Interface External Start Port External End Port Internal Start Port Internal End Port Server IP...
User Guide
Page 137
... screen allows you to which you want the ZyXEL Device to which the service is forwarded. Select the check box to exit this field. Click Apply to disable the rule. P-660HN-51 User's Guide 137 Choices are TCP, UDP, or TCP/UDP. To forward only one port, enter the port number in this screen without saving. 8.3 The...
... screen allows you to which you want the ZyXEL Device to which the service is forwarded. Select the check box to exit this field. Click Apply to disable the rule. P-660HN-51 User's Guide 137 Choices are TCP, UDP, or TCP/UDP. To forward only one port, enter the port number in this screen without saving. 8.3 The...
User Guide
Page 139
... the server side. In order to use the application. P-660HN-51 User's Guide 139 Application Category Select the category of the application from the drop-down list box. When the ZyXEL Device's WAN port receives a response with a specific port number and protocol ("open" port), the ZyXEL Device forwards the traffic to exit this NAT rule to save your...
... the server side. In order to use the application. P-660HN-51 User's Guide 139 Application Category Select the category of the application from the drop-down list box. When the ZyXEL Device's WAN port receives a response with a specific port number and protocol ("open" port), the ZyXEL Device forwards the traffic to exit this NAT rule to save your...
User Guide
Page 140
... to view your ZyXEL Device's trigger port settings. Chapter 8 Network Address Translation (NAT) For example: Figure 47 Trigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is active or not. The ZyXEL Device times out in... Figure 48 Network Settings > NAT > Port Triggering The following screen. A yellow bulb signifies that this rule. 140 P-660HN-51 User's Guide Status This field displays whether the port triggering rule is a "trigger" port and causes the ZyXEL Device to open the following table describes...
... to view your ZyXEL Device's trigger port settings. Chapter 8 Network Address Translation (NAT) For example: Figure 47 Trigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is active or not. The ZyXEL Device times out in... Figure 48 Network Settings > NAT > Port Triggering The following screen. A yellow bulb signifies that this rule. 140 P-660HN-51 User's Guide Status This field displays whether the port triggering rule is a "trigger" port and causes the ZyXEL Device to open the following table describes...
User Guide
Page 141
... (NAT) Table 31 Network Settings > NAT > Port Triggering (continued) LABEL WAN Interface Trigger Port Start End Trigger Proto. The ZyXEL Device forwards the traffic with this rule. Figure 49 Port Triggering: Add/Edit P-660HN-51 User's Guide 141 This is a port (or a range of ports) to delete an existing rule. 8.4.1 Add/Edit Port Triggering Rule This screen lets you create...
... (NAT) Table 31 Network Settings > NAT > Port Triggering (continued) LABEL WAN Interface Trigger Port Start End Trigger Proto. The ZyXEL Device forwards the traffic with this rule. Figure 49 Port Triggering: Add/Edit P-660HN-51 User's Guide 141 This is a port (or a range of ports) to delete an existing rule. 8.4.1 Add/Edit Port Triggering Rule This screen lets you create...
User Guide
Page 142
... or TCP/UDP. The open port is read -only in the Port Triggering Edit screen. The ZyXEL Device forwards the traffic with this port (or range of the LAN computer that causes (or triggers) the ZyXEL Device to record the IP address of ports) to the client computer on the...P-660HN-51 User's Guide The trigger port is read -only in the Port Triggering Configuration screen. Enter a name to enable this rule using keyboard characters (A-Z, a-z, 12 and so on the WAN. Trigger End Port Trigger Protocol Open Start Port Type a port number or the starting port number in a range of port numbers...
... or TCP/UDP. The open port is read -only in the Port Triggering Edit screen. The ZyXEL Device forwards the traffic with this port (or range of the LAN computer that causes (or triggers) the ZyXEL Device to record the IP address of ports) to the client computer on the...P-660HN-51 User's Guide The trigger port is read -only in the Port Triggering Configuration screen. Enter a name to enable this rule using keyboard characters (A-Z, a-z, 12 and so on the WAN. Trigger End Port Trigger Protocol Open Start Port Type a port number or the starting port number in a range of port numbers...
User Guide
Page 143
... Server Address, the ZyXEL Device discards all packets received for specified services, NAT supports a default server IP address. A default server receives packets from Address ports that are not specified in the NAT Port Forwarding Setup screen. Figure 50 Network Settings > NAT > DMZ The following table describes the fields in the NAT Port Forwarding screen. P-660HN-51 User's Guide...
... Server Address, the ZyXEL Device discards all packets received for specified services, NAT supports a default server IP address. A default server receives packets from Address ports that are not specified in the NAT Port Forwarding Setup screen. Figure 50 Network Settings > NAT > DMZ The following table describes the fields in the NAT Port Forwarding screen. P-660HN-51 User's Guide...
User Guide
Page 147
... Address) is the destination address on the WAN. The ZyXEL Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values ....168.1.10 Inside Global Address (IGA) P-660HN-51 User's Guide 147 It replaces the original IP source address (and TCP or UDP source port numbers for communication with hosts on other networks.... NAT maps private (local) IP addresses to globally unique ones required for Many-to-One and Many-to-Many Overload NAT mapping) in each packet and then forwards...
... Address) is the destination address on the WAN. The ZyXEL Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values ....168.1.10 Inside Global Address (IGA) P-660HN-51 User's Guide 147 It replaces the original IP source address (and TCP or UDP source port numbers for communication with hosts on other networks.... NAT maps private (local) IP addresses to globally unique ones required for Many-to-One and Many-to-Many Overload NAT mapping) in each packet and then forwards...
User Guide
Page 148
... Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Table 37 Services and Port...(Network News Transport Protocol) SNMP (Simple Network Management Protocol) PORT NUMBER 7 21 25 53 79 80 110 119 161 148 P-660HN-51 User's Guide Please also refer to RFC 1700 for more examples and details on port forwarding and NAT. Please refer to the Supporting CD for further...
... Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Table 37 Services and Port...(Network News Transport Protocol) SNMP (Simple Network Management Protocol) PORT NUMBER 7 21 25 53 79 80 110 119 161 148 P-660HN-51 User's Guide Please also refer to RFC 1700 for more examples and details on port forwarding and NAT. Please refer to the Supporting CD for further...
User Guide
Page 149
...660HN-51 User's Guide 149 You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Chapter 8 Network Address Translation (NAT) Table 37 Services and Port Numbers (continued) SERVICES SNMP trap PPTP (Point-to-Point Tunneling Protocol) PORT NUMBER 162 1723 Port Forwarding... Example Let's say you want to assign ports 21-25 to one FTP, Telnet and ...
...660HN-51 User's Guide 149 You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Chapter 8 Network Address Translation (NAT) Table 37 Services and Port Numbers (continued) SERVICES SNMP trap PPTP (Point-to-Point Tunneling Protocol) PORT NUMBER 162 1723 Port Forwarding... Example Let's say you want to assign ports 21-25 to one FTP, Telnet and ...
User Guide
Page 183
...a useful option for the pre-shared key. Select IP to identify this ZyXEL Device by AH. Distinguished Name) to identify the remote IPSec router by which to identify this ZyXEL Device in a certificate. P-660HN-51 User's Guide 183 The ESP protocol (RFC 2406) provides encryption as well ...this field is not used only with them over a secure connection. Advanced IKE Settings NAT_Traversal Phase 1/Phase 2 When you have to forward UDP port 500 packets to the remote IPSec router behind the remote IPSec router. Otherwise, click Hide Advanced Settings. Select Pre-Shared Key to...
...a useful option for the pre-shared key. Select IP to identify this ZyXEL Device by AH. Distinguished Name) to identify the remote IPSec router by which to identify this ZyXEL Device in a certificate. P-660HN-51 User's Guide 183 The ESP protocol (RFC 2406) provides encryption as well ...this field is not used only with them over a secure connection. Advanced IKE Settings NAT_Traversal Phase 1/Phase 2 When you have to forward UDP port 500 packets to the remote IPSec router behind the remote IPSec router. Otherwise, click Hide Advanced Settings. Select Pre-Shared Key to...
User Guide
Page 282
... it relays IP address assignment from an external server when you can use this service with a Dynamic DNS service provider. The ZyXEL Device supports versions 1 and 2 of certain URL that you to block access to Internet web sites of IGMP (Internet Group Management...can use the web configurator to put it from the Internet. URL filtering allows you specify. 282 P-660HN-51 User's Guide Configuration Backup & Restoration Network Address Translation (NAT) Port Forwarding DHCP (Dynamic Host Configuration Protocol) Dynamic DNS Support IP Multicast Time and Date Logs Universal Plug and ...
... it relays IP address assignment from an external server when you can use this service with a Dynamic DNS service provider. The ZyXEL Device supports versions 1 and 2 of certain URL that you to block access to Internet web sites of IGMP (Internet Group Management...can use the web configurator to put it from the Internet. URL filtering allows you specify. 282 P-660HN-51 User's Guide Configuration Backup & Restoration Network Address Translation (NAT) Port Forwarding DHCP (Dynamic Host Configuration Protocol) Dynamic DNS Support IP Multicast Time and Date Logs Universal Plug and ...
User Guide
Page 369
... 102 WPS 110 Local Area Network, see LAN login 27 passwords 28 login account types 259 administrator 259 guest 259 logs 245, 253, 261 P-660HN-51 User's Guide Index M MAC address 89, 118 filter 88, 100 MAC authentication 88 Mac filter 151 MBS 75 MBSSID 103 multicast 64 IGMPInternet Group..., 146, 329 applications 148 IP alias 148 example 147 global 146 IGA 146 ILA 146 inside 146 IPSec 192 local 146 outside 146 port forwarding 134 port number 148 services 148 SIP ALG 144 activation 144 traversal 193 NAT example 149 negotiation mode 192 Network Address Translation see NAT Network Address ...
... 102 WPS 110 Local Area Network, see LAN login 27 passwords 28 login account types 259 administrator 259 guest 259 logs 245, 253, 261 P-660HN-51 User's Guide Index M MAC address 89, 118 filter 88, 100 MAC authentication 88 Mac filter 151 MBS 75 MBSSID 103 multicast 64 IGMPInternet Group..., 146, 329 applications 148 IP alias 148 example 147 global 146 IGA 146 ILA 146 inside 146 IPSec 192 local 146 outside 146 port forwarding 134 port number 148 services 148 SIP ALG 144 activation 144 traversal 193 NAT example 149 negotiation mode 192 Network Address Translation see NAT Network Address ...
User Guide
Page 370
... Per-Hop Behavior, see PHB 226 PHB 226 PIN, WPS 105 example 107 Ping of Death 154 Point-to-Point Tunneling Protocol 149 POP3 148 port forwarding 134 PPPoA 73 PPPoE 73 PPTP 149 preamble 96, 98 preamble mode 111 pre-shared key 195 private IP address 131 product registration 366 PSK... Services 148 setup firewalls 155 static route 203, 208, 258 shaping traffic 75 Single Rate Three Color Marker, see srTCM SIP ALG 144 activation 144 P-660HN-51 User's Guide
... Per-Hop Behavior, see PHB 226 PHB 226 PIN, WPS 105 example 107 Ping of Death 154 Point-to-Point Tunneling Protocol 149 POP3 148 port forwarding 134 PPPoA 73 PPPoE 73 PPTP 149 preamble 96, 98 preamble mode 111 pre-shared key 195 private IP address 131 product registration 366 PSK... Services 148 setup firewalls 155 static route 203, 208, 258 shaping traffic 75 Single Rate Three Color Marker, see srTCM SIP ALG 144 activation 144 P-660HN-51 User's Guide